Specialist Risk and Compliance (TPRM) at MultiChoice

Tasks

Onboarding and Initial Risk Assessment

• Facilitate the end-to-end Inherent Risk Questionnaire (IRQ) process.
• Coordinate and assess Third Party Questionnaires (TPQs) across seven risk domains:
• Business Interruption
• Data Governance, Information Security and Logical Access
• Fraud and Corruption
• Health and Safety
• Physical Access
• Subcontractor Risk
• Content Security
• Identify no-go criteria and risk indicators based on MultiChoice’s defined risk tolerance.
• Recommend remediation actions and escalate issues requiring attention.

 Expanded Scope Beyond Onboarding

• Ongoing Monitoring: Ensure third-party engagements remain within acceptable risk thresholds over time through periodic reviews and reassessments.
• Over-Reliance Risk Management: Identify and mitigate risks where business units become overly dependent on specific vendors.
• Contract and SLA Oversight: Actively manage service level agreements and contractual obligations to ensure compliance and performance.
• Strategic Procurement Support: Act as a bridge between risk and procurement teams to ensure strategic vendors are properly assessed and monitored.
•  Project and Stakeholder Management
• Conduct bi-weekly status meetings with stakeholders.
• Coordinate assessments and ensure quality assurance across assessors.
• Train new assessors on MultiChoice’s methodology and platform.
•  Maintain documentation and facilitate system-based automation of processes.

Reporting and Governance          

• Produce aggregated risk reports and dashboards.
• Support monthly and quarterly reporting to Governance Forums and Risk Committees.
• Track SLA performance and root-cause analysis for missed targets.
• Implement service credit mechanisms where applicable.

 Policy and Framework Alignment

• Ensure alignment with MultiChoice’s ERM framework and internal control environment.
• Collaborate with internal audit, compliance, and forensic teams for combined assurance.
• Review and update policies and SOPs in line with the Policy Framework

 Training and Communication       

• Provide training and communication on TPRM processes and updates.
•  Ensure stakeholders are informed and engaged throughout the lifecycle of third-party relationships.

Risk Management Oversight

•  Proactively identify and assess third-party risks across multiple domains.

• Monitor risk trends and escalate emerging risks to relevant stakeholders.
• Track and report on risk mitigation effectiveness and residual risk levels.
•  Maintain alignment with MultiChoice’s ERM framework and contribute to risk maturity initiatives.

Fraud Prevention and Ethical Conduct

•  Support the development and implementation of fraud prevention strategies.
• Promote ethical conduct through awareness initiatives and collaboration with forensic teams.
• Assist in designing controls to prevent fraud and misconduct.

Internal Audit Collaboration

•  Provide input and support for internal audit planning and execution related to third-party risk.
• Address audit findings and contribute to remediation planning.

 Qualifications and certifications

Essential

• BComm degree OR Bachelor degree in Internal Audit and/or Risk Management,
• An honours degree in either of the two disciplines is essential

 Recommended

• CIA, CRMSA, CISA, ISO31000 or similar international certifications
• Advanced data analytics qualification

 Experience and skill requirements

Essential

• At least 3-5, 6] years’ internal audit and/or risk management experience
• Minimum two years in a position regularly liaising with senior management
• Experience in third-party risk management, contract oversight, and strategic procurement support.
• Strong communication skills and demonstrated ability to communicate at a senior management level
• Excellent understanding of risks and controls
• Good understanding of business models and general business practices
• Relationship management

 Preferred

• Strong proven experience in understanding business processes and process improvements
• Evidenced data analytics experience and skills
• Project risk management experience